Skip to main content
Skip navigation

 

Research data management

Data Administration

This section covers methods for protecting data and ensuring its quality:
 
  • Backups
  • Data Validation and Authentication
  • Documentation
  • Access Controls
  • IT Security

Backups

Making regular backups of data is probably the most important and easiest tasks to manage.

Although most people are quite aware of the risks and cost of losing data through hard drive failure or accidental deletion, it is best to have a policy and schedule in place for maintaining data backups.

When developing your backup strategy, you need to consider:

  • How often will you make backups.
  • How long will backups need to be stored.
  • How much hard-drive space, or number of DVDs, will be required to maintain this backup schedule.
  • If the data is sensitive, how it will be secured and (possibly) destroyed.
  • What backup services are available that meet these needs.
  • Who will be responsible for ensuring backups are made and available when required.

Backup security

Sensitive data should not be stored on a computer connected to the internet or network. If the data needs to be destroyed at the end of a project then consider what level is required – overwriting, physical destruction, shredding, etc.

The lifetime of backups should also be considered as data degradation (data decay, data rot or bit rot)is an ever-present problem. Burned optical discs only have an average lifetime of two years.

If you are using a network drive, you should speak to IT Staff about their backup policies (e.g. how often they backup, the maximum amount of data they can backup, and how long they keep backups).

You may need to maintain your own backups if:

  • there are no services available to you
  • you have valuable data that you do not trust with other people.
  • you have sensitive data that you cannot store on unsecured computers (medical records, data for defence projects, etc).

Data Validation and Authentication

Your data will be used to obtain the results and conclusions of your research, so it is important to ensure its accuracy. Your data may also become an important dataset used by many others, so errors have the potential to hinder future research efforts.

It is therefore important to set up policies and practices to ensure the accuracy and authenticity of your data, including:

  • Calibration of instruments.
  • Use of Computer Assisted Interviews (CAI).
  • Securing master copies to avoid accidental/intentional tampering.
  • Data entry checks, such as two-pass verification and range checking.

Documentation

It is important to document experimental or data gathering methods - this will help if your results are questioned, or assist those who want to repeat/extend your research. It is also valuable to document analytical methods (e.g. if you write a script/macro/program to help analyze the dataset by producing graphs or statistics from your dataset).

You should consider recording information digitally, or scanning hardcopy notes. This information is more useful if it is archives alongside the data it refers to.

Access Controls

Well-defined access controls help you to comply with privacy policies, and maintain data authenticity by limiting those who can modify it.

Access controls may change throughout the life of the research project, and can be defined on a per-user or per-data basis. When data is active you will probably use per-user access permissions:

  • None – has no access to the data
  • Read – can read the data, but not modify
  • Write – can read and modify data
  • Administrator – has the ability to modify others’ access permissions

For example - the principal researcher would have Administrator permissions over all data and Read access to confidential survey data. Research collaborators would have no access to the confidential survey data, Read access to de-identified survey data, and Write access to data analysis and publications.

Access permissions are usually set by right-clicking on a file and editing the security properties.

IT Security

It is important to consider the security of your own data to prevent:

  • Data theft
  • Breach of confidentiality agreements and privacy laws
  • Premature release which can void intellectual property claims
  • Release of data before it has been checked for accuracy and authenticity

Data Security at ANU

ANU has extensive range of policies and information related to IT security. ANU staff and students can install Sophos Anti-Virus on their office and home computers.

If you have sensitive data that is covered by privacy laws or confidentiality agreements it is best to store them on a computer that is not connected to any network. If this is not possible then you can also consider encrypting your data (there are currently no services at ANU to do this).

You must also consider physical security. It is possible for someone to remove your computer hard-drive and install it on their own computer where they can bypass access restrictions. For highly sensitive data you can use an external hard-drive and store it in a locked safe overnight.

Responsible Officer: University Librarian/Page Contact: Library Systems & Web Coordinator